Dynamic preview of electronic signature appearance

ABSTRACT

Methods and apparatus, including computer program products, implementing and using techniques for signing an electronic document, including establishing an electronic signature appearance for an electronic signature, determining a bounding region on the electronic document for the display of the electronic signature appearance, at the time of signing an electronic document, previewing the electronic signature appearance in the bounding region and signing the electronic document with an electronic signature, the electronic signature associated with the electronic signature appearance. The electronic signature appearance can be configured at the time of signing the electronic document.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation application of U.S. patentapplication Ser. No. 13/453,751 filed on Apr. 23, 2012, now allowed,which is a continuation of U.S. patent application Ser. No. 12/112,960,filed on Apr. 30, 2008, issued as U.S. Pat. No. 8,166,393, which is acontinuation of U.S. patent application Ser. No. 10/072,382, filed onFeb. 6, 2002, issued as U.S. Pat. No. 7,395,503, the contents of allwhich are incorporated herein by reference in their entireties.

BACKGROUND OF INVENTION

This invention relates to signing an electronic document.

An electronic signature is created and verified by means ofcryptography. Typically, a private key of the signer of an electronicdocument is used for creating the electronic signature and a public keyof the signer is used for verifying the electronic signature. Arecipient of the signed electronic document must have the correspondingpublic key in order to verify that the electronic signature is thesigner's.

In a conventional public-private key implementation, an electronicsignature is created by using a hash function to compute a resultderived from the signed electronic document and the signer's privatekey. If the signed electronic document changes, then the hash resultwill also, with an extremely high probability, change. At the time ofsigning the electronic document, a hash result is computed and thentransformed into an electronic signature using the signer's private key.The resulting electronic signature is statistically unique to both thesigned electronic document and the private key used to create it.Typically, an electronic signature is attached to or made part of theelectronic document and stored or transmitted with the electronicdocument.

Verification of the electronic signature is accomplished by computing anew hash result using the same hash function used in creating theelectronic signature. The signer's public key is then used to verifywhether the electronic signature was created using the signer'scorresponding private key and whether the newly computed hash resultmatches the hash result derived from the electronic signature. If thesigner's private key was used and the hash results are identical, thenthe electronic signature is verified. Verification indicates that theelectronic signature was created using the signer's private key and thatthe electronic document was not altered after it was signed.

The term electronic signature will be used to refer to the code derivedfrom the signed electronic document and a given private key. Anelectronic signature appearance is a visual manifestation of thesigner's signature on the electronic document. An electronic signatureappearance can include graphic elements and textual elements. Forexample, the electronic signature appearance can include an image of thesigner's handwritten signature and text indicating the date theelectronic document was signed. Because an electronic document cannot bealtered after it has been electronically signed without invalidating theelectronic signature, the signer cannot alter the electronic signatureappearance after signing the electronic document. If the signer is notsatisfied with the appearance of the electronic signature on theelectronic document, then the signer would have to effectively re-signanother copy of the electronic document, using an electronic signatureappearance satisfactory to the signer.

SUMMARY

The present invention provides methods and apparatus, including computerprogram products, for signing an electronic document. In general, in oneaspect, the invention features establishing an electronic signatureappearance for an electronic signature and determining a bounding regionon the electronic document for the display of the electronic signatureappearance. At the time of signing an electronic document, the signer ofthe electronic document previews the electronic signature appearance inthe bounding region and signs the electronic document with an electronicsignature, the electronic signature associated with the electronicsignature appearance.

Implementations of the invention may include one or more of thefollowing. The electronic signature appearance can be configured at thetime of signing the electronic document. The electronic signatureappearance can be configured by a user, and user input can be receivedactivating controls for controlling textual and graphic elementsincluded in the electronic signature appearance. The controls caninclude checkboxes, buttons or both. The electronic signature appearancecan include textual elements automatically copied from a certificate ofthe signer.

The preview of the electronic signature appearance can be displayedwithin the bounding region. The preview of the electronic signatureappearance can be displayed in a configuration dialog box within thebounding region, which dialog box can also display the controls forcontrolling textual and graphic elements. Alternatively, a preview ofthe electronic signature appearance can be displayed within the boundingregion on a display of the electronic document.

Establishing an electronic signature appearance can include receivinguser input selecting an electronic signature appearance from one or moreexisting electronic signature appearances, interacting with a user tocreate an electronic signature appearance, or receiving an electronicsignature appearance pre-configured by an author of the electronicdocument to be signed.

Determining a bounding region on the electronic document for theelectronic signature appearance can include interacting with a usersigning the electronic document to establish the bounding region orestablishing a bounding region pre-set by an author of the electronicdocument. An optimal layout of the electronic signature appearance canbe determined based on the dimensions of the bounding region. Optimaldimensions of the bounding region can be determined based on theelectronic signature appearance.

The invention can be implemented to realize one or more of the followingadvantages. A signer of an electronic document can preview an electronicsignature appearance shown to fit within a user-specified boundingregion prior to signing the electronic document. If the signer is notsatisfied with the electronic signature appearance, the signer can editthe electronic signature appearance by editing the dimensions of thebounding region or the graphic and textual elements displayed. Also, thesigner can create an electronic signature appearance at the time ofsigning an electronic document and then archive the electronic signatureappearance for later use. Alternatively, the signer can create anelectronic signature appearance at the time of signing, thus allowingthe appearance to be customized for a particular electronic document.

The details of one or more embodiments of the invention are set forth inthe accompanying drawings and the description below. Other features andadvantages of the invention will be apparent from the description, thedrawings, and the claims.

DESCRIPTION OF DRAWINGS

FIG. 1 depicts a computer dialog box for previewing an electronicsignature appearance in accordance with the invention.

FIG. 2 is a flowchart of a process for creating or editing an electronicsignature appearance at the time of signing an electronic document.

FIG. 3 is a flowchart of a process for creating or editing an electronicsignature appearance to archive.

Like reference symbols in the various drawings indicate like elements.

DETAILED DESCRIPTION

FIG. 1 shows a configuration signature appearance dialog box 100displaying a preview of an electronic signature appearance 123 shown tofit within a bounding region, as the electronic signature will bedisplayed on an electronic document that has been signed. The electronicsignature appearance 123 can include a number of textual elements andgraphical elements. The elements of an electronic signature appearancecan be static or dynamic, as described in further detail below.

Some examples of textual elements that can be included in the electronicsignature appearance 123 are described as follows. The electronicsignature appearance 123 can include the name of a signer 106 and thedate 114 and time 116 the electronic document was signed. Additionally,the electronic signature appearance can include a distinguished name 108of the signer, which provides further information to identify the signerin addition to the signer's name and can include, for example, anorganization the signer belongs to and the country of residence of thesigner. The location 120 where the electronic document was signed can beincluded in the electronic signature appearance in addition to a reason118 for signing the electronic document. The user can be prompted toinput the location 120 and the reason 118 at the time of signing.

An example of a graphical element that can be included in an electronicsignature appearance is a graphic of a notary public seal 124, which maybe necessary for the signer to meet legal requirements when signing theelectronic document.

The electronic signature appearance can also include dynamic validitytext 128 and a validity graphic 126, which provide information about thevalidity of the electronic signature. For example, the validity graphiccan be a checkmark if the signature is a valid, a question mark if thevalidity of the electronic signature is unknown, and an X if theelectronic signature is invalid. The corresponding validity textdisplayed with the validity graphic can be, for example, “signaturevalid”, “validity unknown” and “signature invalid”, respectively.

If a user receives a signed electronic document, the user can click on asignature field of the electronic document to validate the electronicsignature. For example, in one implementation, the method is performedby an application that maintains a certificate database associated witha user. The user can access a list of trusted certificates contained inthe certificate database, which list includes public key certificates ofpotential signers of signed electronic documents the user expects toreceive. If the identity of the signer is verified as being in theuser's list of trusted certificates and the version of the electronicdocument has not been altered since the electronic signature wasapplied, then the electronic signature is validated. In another example,the user can validate the electronic signature using a trusted thirdparty, such as a certificate validation authority that can be accessedover a network. The user can be notified of the verification status ofthe electronic signature by the display of validity text or a validitygraphic, or both. The validity text and validity graphic are dynamic inthat the application can change their appearance depending on thevalidation of the electronic signature.

A process for signing an electronic document using a configurableelectronic signature appearance is shown in FIG. 2. Upon receiving arequest by a signer to sign an electronic document (205), the signer isprompted to establish a bounding region on the electronic document (210)if a bounding region has not already been pre-set by an author of thedocument. The signer can establish the bounding region in any convenientfashion, for example, by holding down the mouse button on the electronicdocument and dragging out the area in which the signer would like theelectronic signature to appear. The signer thereby selects thedimensions and location of the bounding region for the electronicsignature appearance on the electronic document.

The signer can be prompted to input information that will form some ofthe textual elements of the electronic signature appearance, if thesigner chooses to include such textual elements. In one implementation,a dialog box is displayed to the signer requesting the signer to provideinformation, such as, a reason for signing the electronic document, thelocation of signing and contact information for the signer (215). Thesigner is also presented with the option of creating a new electronicsignature appearance (220), editing an existing electronic signatureappearance (220) or using an existing electronic signature appearance(230) to sign the electronic document.

If the signer selects to create an electronic signature appearance,information about the signer contained in a public key certificatecorresponding to the signer's private key that will be used to sign anelectronic document is retrieved (225). The configuration signatureappearance dialog box 100 shown in FIG. 1 is displayed to the signer. Apreview of the electronic signature appearance, which can include anyavailable information such as the signer information retrieved from thepublic key certificate and the location and reason for signing, isdisplayed within the bounding region (235).

If the signer selects to edit an existing electronic signatureappearance, the configuration signature appearance dialog box 100 isdisplayed to the signer, with a preview of the selected electronicsignature appearance displayed within the bounding region (235). In oneimplementation, the signer can access a list of existing electronicsignature appearances through a dialog box and select an electronicsignature appearance by highlighting an item on the list. If the userhas not previously created an electronic signature appearance, the listwill be empty. Alternatively, an author of the electronic document to besigned can include rules that constrain or define the electronicsignature appearance with the electronic document. The rules can definewhether specific attributes are required in the electronic signatureappearance, for example, whether name, date or reason are required to bepresent in the electronic signature appearance. The user can configureeither an existing electronic signature appearance or a new electronicsignature appearance interactively. This is done by interacting withcheckboxes and buttons displayed within a configure graphic box 136 anda configure text box 152 within the configuration signature appearancedialog box 100.

The configure graphic box 136 displays selections to allow the signer toimport a graphic file (240). The signer can select to include either nographic 138, an imported graphic 140 or the signer's name 142 as thegraphic. If the signer selects to import a graphic, the signer canselect to import a graphic file, for example a PDF (Adobe® PortableDocument Format) file or a file from a portable electronic device, forexample, a Palm™ organizer. If the signer selects the Graphic Filesbutton 130, a dialog is shown that allows the signer to select a file asa graphic source from a set of available files. The Palm organizerpop-up 132 allows importing of pictures from a Palm organizer, forexample, an image of the signer's handwritten signature. If any Palmfiles are present they are displayed in the Palm organizer popup 132.

The configure text box 152 displays checkboxes allowing a signer toselect textual elements to include in the electronic signatureappearance (240). Selecting the name checkbox 154 includes the signer'sname in the electronic signature appearance, for example “Fred Smith”106 as shown in the electronic signature appearance 123. The datecheckbox 156 controls the inclusion or exclusion of the date and timethat the signer signed the electronic document, for example, as shown inthe electronic signature appearance 123 at 114 and 116. The locationcheckbox 158 controls the inclusion or exclusion of the location atwhich the signer signed the electronic document in the electronicsignature appearance, for example, “Sunnyvale Calif.” 120, as shown inthe electronic signature appearance 123.

The reason checkbox 160 controls the inclusion or exclusion of thesigner's reason for signing the electronic document. In oneimplementation, the signer is presented with a drop down menu with alist of reasons from which the signer can select a reason oralternatively the signer can input a reason. One example of such asreason is the phrase “This document is ready for approval” 118 displayedas part of the electronic signature appearance 123. The distinguishedname checkbox 148 controls the inclusion or exclusion of the signer'sdistinguished name in the electronic signature appearance: an example ofa distinguished name 108 is included in electronic signature appearance123.

The validity text checkbox 150 controls the inclusion or exclusion ofdynamic validity text 128 in the electronic signature appearance. Thelabels checkbox 144 controls the inclusion or exclusion of textdescribing the elements included in the electronic signature appearance,such as the following text included in the electronic signatureappearance 123: “digitally signed by”, “DN”, “Date”, “Reason” and“Location”. If the labels checkbox 144 is not checked, then suchdescriptive text would not be included in the electronic signatureappearance 123. The logo checkbox 146 controls the inclusion orexclusion of a logo displayed in the background of the electronicsignature appearance.

If the signer chooses not to configure the textual elements, the textualelements will be set to a predefined default or according to rulesdefined by the author. For example, the predefined default can be set toinclude all textual elements.

As the signer selects the graphic and textual elements to include in theelectronic signature appearance, an optimal layout of the elements to beincluded in the electronic signature appearance is determined (250). Inone implementation, the optimal layout is determined based on the aspectratio of the bounding region. For example, if the bounding region ismore vertical than horizontal, then the elements are stacked vertically.Conversely, if the bounding region is more horizontal than vertical,then the elements are stacked horizontally.

A preview of the electronic signature appearance 123 is displayed withinthe bounding region using the determined optimal layout (255). Thesignature preview is updated whenever one of the selections in theconfiguration signature appearance dialog box 100 is changed. Thepreview can be displayed within a window 120 in the configurationsignature appearance dialog box 100, as shown in FIG. 1, or in aseparate window. Alternatively, the preview of the electronic signatureappearance 123 can be displayed on a display of the electronic documentto be signed.

If the signer is satisfied with the electronic signature appearance 123,the signer can select to sign the electronic document (260) using theelectronic signature appearance 123. Signing an electronic documentrequires the signer's private key, which is typically protected usingsome form of security. For example, the signer can be required to entera user name and password to access the signer's private key toelectronically sign a document. Once the signer has signed theelectronic document, the electronic signature including the electronicsignature appearance 123 is integral to the electronic document, and theelectronic signature appearance 123 cannot be modified withoutinvalidating the electronic signature. One reason it is important thatthe electronic signature appearance 123 become part of the signedelectronic document is because the position of the electronic signatureappearance 123 relative to other visible elements of the electronicdocument can have legal or other significance.

If the user selects to use—but not edit—an existing electronic signatureappearance (230), then the electronic document will be signed using theselected electronic signature appearance (260).

The signer can archive an electronic signature appearance 123 for laterretrieval and use. In one implementation, the signer can enter a title102 in configuration signature appearance dialog box 100 to identify theelectronic signature appearance 123 displayed in the preview pane 122.

FIG. 3 shows a process for creating and archiving an electronicsignature appearance far use at a later time. The process can beexecuted in an application maintaining security over electronicsignature appearances created and archived. For example, the user can berequired to authenticate his or herself by entering a user name andsecret password, to view the user's settings. The user can then view alist of existing electronic signature appearances and has the option tocreate a new electronic signature appearance or edit an existingelectronic signature appearance is presented to the user. In oneimplementation, a dialog box is displayed to the user including a listof existing electronic signature appearances, a new button to allow auser to create a new electronic signature appearance, and an edit buttonto allow a user to edit an existing electronic signature appearance(310). User input is received either selecting the new button orhighlighting an item on the list and selecting the edit button (315). Ifthe user selects to create a new electronic signature appearance,information about the user contained in the certificate corresponding tothe user's private key is retrieved (320).

The configuration signature appearance dialog box 100 (FIG. 1) is thendisplayed to the user, including a preview display of the selectedexisting electronic signature appearance or the new electronic signatureappearance including user information retrieved from the certificatecorresponding to the user's private key (325). User input is thenreceived configuring the graphic elements (330) and the textual elements(335). As the user selects the graphic and textual elements to includein the electronic signature appearance, the optimal layout of thegraphic and textual elements is determined (340) and the preview of theconfigured electronic signature appearance is updated (345). Once theuser is satisfied with the electronic signature appearance, the editedor new electronic signature appearance is stored for later retrieval bythe user to sign an electronic document (350).

A separate signature appearance file can be created for each user. Inone implementation, a user's electronic signature appearances can bestored in a database. For example, the database could be implemented asa PDF file. The PDF file can have one page for each of the user'sexisting electronic signature appearances.

In one implementation, an electronic signature appearance has layersarranged so that a dynamic validity graphic indicating the electronicsignature is invalid would not be obscured by other elements within theelectronic signature appearance, in the event the electronic signatureis invalid. An electronic signature appearance can have four standardlayers as follows, with the lower numbered layers being painted first:

n0—background layer;

n1—validity layer for presentation of a dynamic validity graphic, forexample, a question mark for validity unknown and a checkmark for valid;

n2—static graphic and textual elements; and

n3—validity layer for presentation of an invalidity graphic. This layeris above n2 so that the invalidity graphic (e.g., an “X”) cannot behidden by layer n2. If the electronic signature is valid, this layer isblank.

An additional, optional layer is n4, a text layer for presentation ofthe dynamic validity text, for example, “Signature is valid”, “ValidityUnknown” or “Signature is invalid”. Default values for the layers arestored in an electronic document signed using the electronic signatureappearance. For example, the default value for n1 can be a question markand the default value for n4 can be “Validity Unknown”. When theelectronic signature is validated, then the electronic signatureappearance dynamically changes to reflect the validation, and n1 becomesa check mark and n4 becomes “Signature is valid”, for example.

The invention can implemented in digital electronic circuitry, or incomputer hardware, firmware, software, or in combinations of them.Apparatus of the invention can be implemented in a computer programproduct tangibly embodied in a machine-readable storage device forexecution by a programmable processor; and method steps of the inventioncan be performed by a programmable processor executing a program ofinstructions to perform functions of the invention by operating on inputdata and generating output. The invention can be implementedadvantageously in one or more computer programs that are executable on aprogrammable system including at least one programmable processorcoupled to receive data and instructions from, and to transmit data andinstructions to, a data storage system, at least one input device, andat least one output device. Each computer program can be implemented ina high-level procedural or object-oriented programming language, or inassembly or machine language if desired; and in any case, the languagecan be a compiled or interpreted language. Suitable processors include,by way of example, both general and special purpose microprocessors.Generally, a processor will receive instructions and data from aread-only memory and/or a random access memory. Generally, a computerwill include one or more mass storage devices for storing data files;such devices include magnetic disks, such as internal hard disks andremovable disks; a magneto-optical disks; and optical disks. Storagedevices suitable for tangibly embodying computer program instructionsand data include all forms of non-volatile memory, including by way ofexample semiconductor memory devices, such as EPROM, EEPROM, and flashmemory devices; magnetic disks such as internal hard disks and removabledisks; magneto-optical disks; and CD-ROM disks. Any of the foregoing canbe supplemented by, or incorporated in, ASICs (application-specificintegrated circuits).

To provide for interaction with a user, the invention can be implementedon a computer system having a display device such as a monitor or LCDscreen for displaying information to the user and a keyboard and apointing device such as a mouse or a trackball by which the user canprovide input to the computer system. The computer system can beprogrammed to provide a graphical user interface through which computerprograms interact with users.

The invention has been described in terms of particular embodiments.Other embodiments are within the scope of the following claims. Forexample, the steps of the invention can be performed in a differentorder and still achieve desirable results.

What is claimed is:
 1. A method for electronically signing an electronicdocument, the method comprising: receiving input from a signer toelectronically sign an electronic document; interacting with the signerto create an electronic signature appearance, wherein the electronicsignature appearance is a visual manifestation of the signerelectronically signing the electronic document; providing a preview ofthe electronic signature appearance in a bounding region at a positionrelative to other visible elements of the electronic document, where thebounding region is a region on the electronic document where theelectronic signature appearance will appear; integrating the electronicsignature appearance with the electronic document; deriving a code usinga key and the electronic document with the electronic signatureappearance integrated therein; and providing the code as the electronicsignature of the electronic document.
 2. The method of claim 1 furthercomprising receiving input selecting the position of the electronicsignature appearance relative to the other visible elements in theelectronic document.
 3. The method of claim 1 further comprisingreceiving input selecting the dimensions of the bounding region for theelectronic signature appearance in the electronic document.
 4. Themethod of claim 1 further comprising receiving input specifying one ormore rules that constrain the electronic signature appearance.
 5. Themethod of claim 1 further comprising receiving input specifying one ormore rules that require one or more specific attributes in theelectronic signature appearance.
 6. The method of claim 1 furthercomprising receiving input specifying one or more rules that require aname, a date, or a reason in the electronic signature appearance.
 7. Themethod of claim 1 further comprising receiving input from the signerentering a geographic location where the electronic document was signed,wherein the electronic signature appearance comprises the geographiclocation.
 8. The method of claim 1 further comprising receiving inputfrom the signer entering a reason for signing the electronic document,wherein the electronic signature appearance comprises the reason.
 9. Themethod of claim 1 wherein the electronic-signature appearance comprisesa distinguishing name of the signer providing further information toidentify the signer.
 10. The method of claim 1 wherein the electronicsignature appearance comprises an organization to which the signerbelongs.
 11. The method of claim 1 wherein the electronic signatureappearance comprises a graphic of a notary public seal.
 12. The methodof claim 1 further comprising receiving input to validate the electronicsignature, wherein the electronic signature appearance comprises avalidity text or graphic providing information indicating validity ofthe electronic signature.
 13. The method of claim 1 wherein the key is aprivate key of the signer.
 14. The method of claim 1 wherein interactingwith the signer to create an electronic signature appearance comprisesreceiving a handwritten signature of the signer.
 15. A method forestablishing an electronic signature appearance for an electronicsignature; receiving input from a signer to electronically sign anelectronic document; receiving an electronic signature appearancepre-configured by the signer, wherein the electronic signatureappearance is a visual manifestation of the signer's electronicsignature of the electronic document; providing a preview of theelectronic signature appearance in a bounding region at a positionrelative to other visible elements of the electronic document, where thebounding region is a region on the electronic document where theelectronic signature appearance will appear; integrating the electronicsignature appearance with the electronic document; deriving a code usinga key and the electronic document with the electronic signatureappearance integrated therein; and providing the code as the electronicsignature of the electronic document.
 16. The method of claim 15 whereinreceiving the electronic signature appearance pre-configured by thesigner comprises: receiving a selection of a graphic file of thesigner's name from the signer; and importing the graphic and includingthe graphic in the electronic signature appearance.
 17. The method ofclaim 15 wherein receiving the electronic signature appearancepre-configured by the signer comprises: providing a list of existingelectronic signature appearances; and receive a selection from thesigner of an existing electronic signature appearance in the list.